Last updated: August 27, 2019
Who Are We
What Personal Data Do We Collect?
The personal data that we collect when you visit our Sites or use our Services, may include the following:
- Information you provide to CloudState - we collect data that you choose to provide to us when you are using our Services and that can be used to contact or identify you. Personal data may include your name and email address.
- Information from third parties - Sometimes the Sites may permit interactions with third-party websites, such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Services' functionality.
Purposes For Which We Use Personal Data
We collect and use your personal data for the purposes described below and on the following lawful bases:
- For the performance of our agreement with you - We collect personal data for the purpose of identifying and communicating with you and to respond to your requests or inquiries.
- For our legitimate interests as a business when those interests are not overridden by your interests, fundamental rights or freedoms - Our legitimate interests to analyse visits to and use of the Sites to improve and develop our Services as well as to understand our customers both on aggregated and on individual basis. This also means that we analyse your use of Services and use this information to improve our Services and to give you a better experience (e.g. we analyse what webpages you visit, which Services you use and like and how you use these Services, which enables us to create personal profiles and to assess what may be interesting to you, which recommendations we can give you when you purchase our Services). Creating such personal profiles of our customers, enables us to send you marketing materials that directly relate to your use of Services, if you have chosen to receive such materials. With respect to our customers who purchased one of our Services, we may send marketing material regarding similar Services. We may also enrich your personal data to ensure the security of our Services; to prevent fraud, hacking, cheats and spamming; and to facilitate our response to legal processes (e.g., a court order, warrant or subpoena).
- Based on your consent - We use your personal data based on your consent when you sign up to receiving our newsletters, marketing or promotion material and other information that may be of interest to you through our Sites or otherwise expressly consent to the use of your personal data. You can withdraw your consent at any time by sending an email to email@example.com or by opting-out by following the opt-out instructions in the relevant marketing communication.
Who We Share Your Personal Data With
We do not share your personal data other than described in this paragraph:
- Service Providers and processors - We engage third party companies, individuals and affiliated entities to facilitate our Services and to provide the Services on our behalf, to perform Service-related services, to assist us in analysing how our Services are used, data storage and other services. These third parties have access to your personal data only to perform specific tasks on our behalf and are obligated not to disclose or use your information for any other purpose.
- Third parties in case of legal requirement - We will also disclose your personal data if we believe we are required to do so by law, or that doing so is reasonably necessary to comply with legal processes; when we believe necessary or appropriate to disclose personal data to law enforcement authorities, such as to investigate actual or suspected fraud or violations of law or breaches of security; to respond to any claims against us; and, to protect the rights, property, or safety of CloudState, our customers, or the public.
- Third parties with consent - We will also disclose information about you, including personal data to any other third parties, where you have expressly consented or requested that we do so.
- Third parties in case of a corporate transaction - In addition, your personal data may be disclosed as part of any merger, sale, reorganization, transfer of CloudState's assets or businesses, acquisition, bankruptcy, or similar event.
In order to protect your personal data we have implemented reasonable, commercially acceptable security procedures and practices appropriate to the nature of the personal data we store, in order to protect it from unauthorized access, destruction, use, modification or disclosure. Your personal data is contained behind secured networks and is only accessible by a limited number of people, who have special access rights and are required to keep the information confidential.
Please keep in mind that no website or internet transmission is completely secure. Therefore, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. We urge you to take steps to keep your personal data safe, such as closing your web browser when finished using the Sites.
Children Under The Age Of 16
Our Services do not typically address anyone under the age of 13. Therefore, we do not knowingly request or collect personal data from children younger than 13 years of age, without parental consent. If you believe that we may have unintentionally collected personal data from a child under 13, please contact us (see below 'How you cancontact us') so that we may take appropriate steps to delete such information.
If you are at least 13 years of age but under the age of 16, we need the consent of your parent or legal guardian before you give us any personal data about yourself.
We will generally retain the personal data we processed through our Sites and Services for as long as it is required for purposes for which the data were collected. Unless we inform you otherwise, this will usually be the period of 3 years after the last interaction with you plus the length of any applicable statutory retention period following such activity.
Your personal data may be transferred to -and maintained on- computers located outside of your state, province, country or governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside the USA, please note that the information you provide (as described above under "What Personal Data We Collect") will be transferred to the USA, where the level of data protection may not be equivalent to the level of protection applicable at your location.
Where we are legally required to do so, transfers of personal data to parties outside the EU/EEA may be made pursuant to the European Commission-approved Standard Contractual Clauses or other legally acceptable mechanisms that ensure an adequate level of protection. Where applicable, you are entitled to receive a copy of the relevant contract (such as Standard Contractual Clauses or Binding Corporate Rules) showing that appropriate safeguards have been taken to protect your personal data during such transfer.
We will take steps in accordance with applicable legislation to keep your personal data accurate, complete and up-to-date. You are entitled to have any inadequate, incomplete or incorrect personal data corrected (that is, rectified). You also have the right to request access to your personal data and to obtain a copy of it as well as additional information about the processing and to request us to erase the personal data we hold about you. In cases where we rely on your consent for using your personal data, you can withdraw such consent at any time by sending an email to: firstname.lastname@example.org
The following rights apply in addition to the above to European residents:
- Right to restriction: you have the right to restrict the processing of your personal data, for example in case we no longer need your personal data in view of the initial purposes but they are required by us for the establishment, exercise of defence of legal claims.
- Right to object: you have the right to object to our processing of your personal data which is based on our legitimate interests. We will no longer process your personal data upon your request, unless we have compelling legitimate grounds for the continuation of the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. You may also object to our use of your data for direct marketing purposes. To that end, you may also use the unsubscribe button provided for in every email we send.
- Right to data portability: under circumstances, you have the right to have your personal data transmitted to another data controller in a structured, commonly used and machine-readable format.
- Right to obtain a copy of personal data safeguards used for transfers outside your location: you can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Union. We may redact data transfer agreements to protect commercial terms.
- Right to lodge a complaint: in case you have a question or complaint about how we process your personal data, you can send an email to email@example.com. It is also a possibility to lodge a complaint with a supervisory data protection authority.
- If you reside in France, you also have the right to issue directives relating to your digital legacy.
For further information regarding your rights, or to exercise any of your rights, please contact us at firstname.lastname@example.org or see section ‘How you can contact us’ for more details. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Canadian Anti-Spam Legislation
If you are a Canadian resident we have the right to send you commercial electronic messages ("CEM's") under certain conditions. We are committed to ensuring that all applicable recipients of our CEM's receive them in a manner that is consistent with Canada's Anti-Spam Legislation. We will continue to send CEM's to applicable recipient in the following contexts:
- You have provided us with your email address directly without indicating a desire not to receive CEM's.
- You have published your email address online or otherwise.
- You have explicitly informed us (verbally or otherwise) that you are interested in continuing to receive CEM's.
- You have a business relations with us.
- A third-party with whom you may have an existing relationship has referred us to you.
In the event you no longer wish to receive CEM's from us, email us at email@example.com or reply to the electronic message / email address sent to you with the word "Unsubscribe", you may also use the unsubscribe button provided for in every email we send. Our CEM's also contain information on how to unsubscribe from receiving CEM's. Your request will be processed as soon as possible, and no later than ten (10) days after you send the request.
How You Can Contact Us
Links To Other Websites
Changes To The Policy